Who can I contact in case of questions regarding personal data processing?
|Synpulse Holding AG|
|Synpulse Deutschland GmbH|
|Frankfurt Airport Center 1|
|Synpulse UK Ltd|
|20 St Dunstans Hill|
|London EC3R 8HL|
|Synpulse Österreich GmbH|
|Synpulse Schweiz AG|
Regarding the Website Synpulse Holding AG, Sonnenbergstrasse 19, 6052 Hergiswil, Switzerland (“Synpulse”, “we”, “us” or “our”) is the data controller (within the meaning of the General Data Protection Regulation (“GDPR”) and Swiss data protection legislation.
Please note that we do not intently collect and store data of individuals. The application process for open positions at Synpulse is processed on a separate website https://jobs.Synpulse.com. Separate terms and conditions apply.
2. Data we collect, process and use
In general, you can use the website without providing any personal information such as e.g. your name, email address, postal address, telephone number, financial information (all such information concerning the personal or material circumstances of an identified or identifiable individual data subject together “Personal Data”). Therefore, if you do not provide us directly with personal data in another way or actively consent to the use by us of certain personal data, we, in general, do not use your data with the exception of data that your browser automatically transfers so that it can access the Website as, in particular:
- the IP address
- the date and time of the request
the browser type
In respect of personal data of data subjects resident in a EU country, legal basis for processing of data described above in section 2.1. (to the extent such data is to be considered personal data) is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; the legitimate interests to use such data arises from the fact that without such data the website cannot be accessed by the users).
Besides the use of personal data as described in section 2.1, we, in general, will use personal data provided by you only to reply to your information requests. For example, we store data that you have provided to us with the purpose of receiving further information from us with regard to services offered by us (e.g. if you contact us via an email, we use such email address to reply to your message).
In respect of personal data of data subjects resident in a EU country, legal basis for processing of data described in this section 2.2 is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; the legitimate interest arises from the fact that we cannot answer your information requests without processing the respective data) and in case your information request aims at a (potential) conclusion of a contract with us - Art. 6 (1) sentence 1 lit. b GDPR (fulfilment of contract and pre-contractual measures).
Only in cases in which you have given us prior consent we also use your personal data for other purposes but only to the extent needed in each specific case.
In respect of personal data of data subjects resident in a EU country, legal basis for processing of data described in this section 2.3 is Art. 6 (1) sentence 1 lit. a GDPR (consent).
We may disclose personal data to third parties where such disclosure is required by law (for example, upon request of a court or of law enforcement authorities).
n respect of personal data of data subjects resident in a EU country, legal basis for processing of data described in this section 2.4 is Art. 6 (1) sentence 1 lit. c GDPR (legal obligation).
We may also use certain data as set forth in section 3 below.
Cookies are small text files that are mainly stored on your hard disk of the computer with which you visit a website and which are allocated to your browser and through which certain information is submitted to the cookies user that sets the cookie (in this case us). Cookies serve to make the website offering more user-friendly and effective overall.
The Website uses the following cookies:
- Cookie Name: _ga & _gid
This cookie, which is set by Google Analytics, registers a unique ID that is used to generate statistical data on how the visitor uses the website.
- Cookie Name: _gat
This cookie, which is set by Google Analytics, does not store any user information. It's just used to limit the number of requests that have to be made to doubleclick.net (if doubleclick is used).
- Cookie Name: _hstc
This is the main cookie for tracking visitors via Hubspot. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
- Cookie Name: _hssrc
Whenever HubSpot changes the session cookie, this cookie is also set. Hubspot set it to 1 and uses it to determine if the visitor has restarted their browser. If this cookie does not exist when Hubspot manages cookies, they assume it is a new session.
- Cookie Name: _hssc
This cookie keeps track of sessions. This is used to determine if they should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
- Cookie Name: hubspotutk
This cookie is used for to keep track of a visitor's identity. This cookie is passed to HubSpot on form submission and used when de-duplicating contacts.
- Cookie Name: Facebook Pixel (ID: 585072135025227)
A Facebook Pixel is like a Google Analytics tracking code, that records the behavior of users. Facebook pixels to record the behavior of users that come from Facebook or a search engine to accurate their Facebook ads reach. With pixels Facebook can determine how an Ad is performing by tracking sales and leads.
In respect of personal data of data subjects resident in a EU country, legal basis for processing of data described in this section 3.1 (to the extent such data is to be considered personal data) is Art. 6 (1) sentence 1 lit. a GDPR (consent).
The Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how you use the Website. The information generated by the cookie about your use of the Website will normally be transmitted to and stored by Google on servers in the United States.
The IP address that your browser transfers within the scope of Google Analytics will not be associated with any other data held by Google.
For further information on Google Analytics please refer to: http://www.google.com/analytics/terms/, https://support.google.com/analytics/answer/6004245?hl=en and https://policies.google.com/privacy?hl=en&gl=en.
Google Inc. (and its wholly-owned US subsidiaries) has certified that it adheres to the relevant Privacy Shield Principles, including for Google Analytics. Further information can be found at: https://www.privacyshield.gov/EU-US-Framework .
In respect of Personal Data of data subjects resident in a EU country, legal basis for processing of data described in this section 3.2 (to the extent such data is to be considered personal data) is Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; the legitimate interests to use such data is that we use and analyze the respective data to improve the website, such as by gaining a better understanding of your interests and requirements regarding our website and to help personalize your user experience).
4. Sharing personal data with third parties
We may share personal data with affiliated companies belonging to the Synpulse group outside your country of domicile, potentially including countries which may not require an adequate level of protection for your personal data compared with that provided in your country of residence. In any case, the data transfer abroad will take place according to the applicable data protection rules in order to ensure effective levels of data protection.
In respect of personal data of data subjects resident in a EU country, legal basis for data processing described in this section 4 is Art. 6 (1) sentence 1 lit. b GDPR (performance of contract and pre-contractual measures; for further information cf. above section 2).) and/or Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; for further information cf. above sections 2 and 3).
In respect of personal data of data subjects resident in a EU country, legal basis for data processing described in this section 4.2 is Art. 28 GDPR (order processing) and Art. 6 (1) sentence 1 lit. b GDPR (performance of contract and pre-contractual measures; for further information cf. above section 2) and/or Art. 6 (1) sentence 1 lit. f GDPR (legitimate interests; for further information cf. above sections 2 and 3).
5. Duration of storage of personal data
6. Your rights
You have the right to request information from us at any time about your personal data stored by us. If the legal requirements are met, you also have rights vis-à-vis us to request from us access to and rectification or erasure or restriction of processing concerning your personal data or to object the processing of your personal data as well as the right to receive your personal data provided to us in a structured, established and machine-readable format from us (you can transfer this data to other parties or have it transferred; data portability).
If you have given your consent to the use of personal data, you can revoke such consent at any time for the future.
If you believe that the processing of your personal data by us is in breach of the applicable data protection laws, you can issue a complaint with the competent supervisory authority for data protection in your jurisdiction.
For data subjects resident in a EU country, you can find the relevant supervisory authority name and contact details under http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. For data subjects resident in Switzerland, the relevant supervisory authority is the Federal Data Protection and Information Commissioner, www.edoeb.admin.ch.
You can contact us (e.g. if you have any questions about data protection regarding Synpulse (including regarding the assertion of your rights further explained in section 6 above)), for example, via the address indicated above in section 1 or via firstname.lastname@example.org .
8. Keeping your personal data secure
We have taken extensive technical and operational precautions to protect the personal data retained by us against unauthorized access and misuse. Our security procedures are revised regularly and adapted to reflect technological progress.
This privacy notice informs how Synpulse treats personal data
We process personal data collected from our clients and business partners – e.g., from business cards, contracts, emails, or social media contacts. As Synpulse is a multi-national group and supports clients globally, we might also receive personal data from other Synpulse group entities.
- With the term personal information, we generally refer to the following types of information: Name and contact information (e.g., address, phone number, email address)
- Personal information (e.g., date of birth, sex)
- Organizational information (e.g., employer, industry, title, function)
- Information about services received in the past (e.g., advisory projects, articles, participated events, etc),
- Project-specific personal information clients provide to us in order to receive an agreed service
- Digital KPIs (Synpulse websites visited, files you downloaded, digital events participated, engagement activities generated on our social media channels, etc)
For which purpose does Synpulse process personal data?
We process personal data in accordance with GDPR data protection principles in order to
- Enter into and fulfill a contract with our clients on consulting services we agreed to provide
- Provide clients with articles, white papers, and similar information and invite clients to events based on consent we have received from clients
- Protect the legitimate interests of Synpulse – especially to perform client background checks regarding creditworthiness and reputational risk and peruse legitimate claims
How do we protect personal data?
We have a data protection regime in place to oversee the effective, secure and systematic processing of your personal data. We handle internal access to personal data on a «need-to-know» basis. Only our managers have user roles allowing access to personal data of our customers and business partners.
All the personal data we process is handled by Synpulse employees at one of our company sites.
However, for the purposes of IT hosting and maintenance, the information is located on servers within the European Union or in countries that the EU deems to have an adequate level of data protection.
As a fundamental rule, we do not disclose, transfer, sell or otherwise market personal data to third parties, such as other companies or organizations, without your explicit consent and as required to meet our contractual obligations between Synpulse and you. Without derogating from this rule, we might be legally obliged to provide personal data to local authorities.
How long do we keep personal data?
We value our current, potential future, and past customers and would like to keep in touch and provide you with updates on our practice and information on topics of relevance for your industry. Therefore we will keep your data until you notify us that you no longer wish to receive this kind of information. Without derogating from this rule, we might be obliged to keep certain personal data according to legal retention periods.
Do we take any automated decisions including profiling using your data?
We do not.
What are your rights?
If you are interested in your personal data we process, please contact us at any time to gain access to or a copy of such data.
If at any point you believe the information we process on you is incorrect, you can demand to see this information, and have it corrected or deleted.
If you do not want us to process your personal data any longer, you can withdraw consent and demand erasure of your personal data at any time.
If you wish to raise a complaint about how we have handled your personal data, please do not hesitate to contact us.
Please raise all questions and requests with our Data Protection Officer.
If you are not satisfied with our response or believe we are processing your personal data in a way that is not in accordance with the law, you can complain to the information commissioner’s office (ICO) of your country of residence.